Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-31612

Stack trace shown with suppress-stack-trace plugin installed

    XMLWordPrintable

Details

    • Bug
    • Status: Resolved (View Workflow)
    • Major
    • Resolution: Fixed

    Description

      When submitting a form as an unprivileged user, Jenkins reports a permissions exception and also prints a stack trace. We have the suppress-stack-trace plugin installed and expect this stack trace not be printed.

      Attachments

        Issue Links

          Activity

            danielbeck Daniel Beck added a comment -

            jec Could you provide the full output of the error page in textual form? Did you restart Jenkins after installing the plugin?

            danielbeck Daniel Beck added a comment - jec Could you provide the full output of the error page in textual form? Did you restart Jenkins after installing the plugin?
            jec Josh Cook added a comment -

            Text sample of stack trace output

            jec Josh Cook added a comment - Text sample of stack trace output
            jec Josh Cook added a comment -

            danielbeck I've attached a text copy of a stacktrace I received. Jenkins has been restarted multiple times since installing the plugin. I was able to trigger this exception by browsing to this page and submitting the form:

            https://$JENKINS_HOST/user/$NOT_MY_USERNAME/credential-store/newDomain

            Since this form is meant for another user, I get an access denied error with the stack trace displayed.

            jec Josh Cook added a comment - danielbeck I've attached a text copy of a stacktrace I received. Jenkins has been restarted multiple times since installing the plugin. I was able to trigger this exception by browsing to this page and submitting the form: https://$JENKINS_HOST/user/$NOT_MY_USERNAME/credential-store/newDomain Since this form is meant for another user, I get an access denied error with the stack trace displayed.
            danielbeck Daniel Beck added a comment -

            AccessDeniedExceptions are whitelisted, but probably needs to determine this using some logic taking into account current authentication – Maybe it's as simple as "if anonymous, rethrow to show login, else, suppress". I wonder whether there's a regression involved.

            https://github.com/jenkinsci/suppress-stack-trace-plugin/blob/master/src/main/java/org/jenkinsci/plugins/suppress_stack_trace/SuppressionFilter.java#L41

            danielbeck Daniel Beck added a comment - AccessDeniedExceptions are whitelisted, but probably needs to determine this using some logic taking into account current authentication – Maybe it's as simple as "if anonymous, rethrow to show login, else, suppress". I wonder whether there's a regression involved. https://github.com/jenkinsci/suppress-stack-trace-plugin/blob/master/src/main/java/org/jenkinsci/plugins/suppress_stack_trace/SuppressionFilter.java#L41
            danielbeck Daniel Beck added a comment -

            I am unable to reproduce this problem in Jenkins 1.642.2 using a user with Overall/Read permission only. The page just shows "username is missing the Overall/Administer permission", with or without the Suppress Stacktrace Plugin. Security realm is PAM, authorization strategy is Matrix Auth.

            danielbeck Daniel Beck added a comment - I am unable to reproduce this problem in Jenkins 1.642.2 using a user with Overall/Read permission only. The page just shows "username is missing the Overall/Administer permission", with or without the Suppress Stacktrace Plugin. Security realm is PAM, authorization strategy is Matrix Auth.
            danielbeck Daniel Beck added a comment -

            I used the URL shown in the screenshot (doUninstall) rather than the credentials store, due to less dependencies (Credentials Plugin version).

            danielbeck Daniel Beck added a comment - I used the URL shown in the screenshot (doUninstall) rather than the credentials store, due to less dependencies (Credentials Plugin version).
            jec Josh Cook added a comment - - edited

            danielbeck I am still able to reproduce this in a few ways with Jenkins ver. 1.642.4 Stack Trace Suppression Plugin ver. 1.4.

            Using an account that only has the Overall / Read permission, if I visit the page < https://$MY_JENKINS/pluginManager/ > I get the following stack trace:

            {{
            hudson.security.AccessDeniedException2: $USERNAME is missing the Overall/Administer permission
            at hudson.security.ACL.checkPermission(ACL.java:63)
            at hudson.model.Node.checkPermission(Node.java:463)
            at hudson.Functions.checkPermission(Functions.java:745)
            at hudson.Functions.checkPermission(Functions.java:765)
            at sun.reflect.GeneratedMethodAccessor282.invoke(Unknown Source)
            at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
            at java.lang.reflect.Method.invoke(Method.java:497)
            at org.apache.commons.jexl.util.introspection.UberspectImpl$VelMethodImpl.invoke(UberspectImpl.java:258)
            at org.apache.commons.jexl.parser.ASTMethod.execute(ASTMethod.java:104)
            at org.apache.commons.jexl.parser.ASTReference.execute(ASTReference.java:83)
            at org.apache.commons.jexl.parser.ASTReference.value(ASTReference.java:57)
            at org.apache.commons.jexl.parser.ASTReferenceExpression.value(ASTReferenceExpression.java:51)
            at org.apache.commons.jexl.ExpressionImpl.evaluate(ExpressionImpl.java:80)
            at hudson.ExpressionFactory2$JexlExpression.evaluate(ExpressionFactory2.java:74)
            at org.apache.commons.jelly.parser.EscapingExpression.evaluate(EscapingExpression.java:24)
            at org.apache.commons.jelly.impl.ExpressionScript.run(ExpressionScript.java:66)
            at org.apache.commons.jelly.impl.ScriptBlock.run(ScriptBlock.java:95)
            at org.apache.commons.jelly.impl.ScriptBlock.run(ScriptBlock.java:95)
            at org.kohsuke.stapler.jelly.ReallyStaticTagLibrary$1.run(ReallyStaticTagLibrary.java:99)
            at org.apache.commons.jelly.impl.ScriptBlock.run(ScriptBlock.java:95)
            at org.kohsuke.stapler.jelly.ReallyStaticTagLibrary$1.run(ReallyStaticTagLibrary.java:99)
            at org.apache.commons.jelly.impl.ScriptBlock.run(ScriptBlock.java:95)
            at org.apache.commons.jelly.tags.core.CoreTagLibrary$2.run(CoreTagLibrary.java:105)
            at org.kohsuke.stapler.jelly.CallTagLibScript.run(CallTagLibScript.java:120)
            at org.apache.commons.jelly.tags.core.CoreTagLibrary$2.run(CoreTagLibrary.java:105)
            at org.kohsuke.stapler.jelly.CallTagLibScript.run(CallTagLibScript.java:120)
            at org.apache.commons.jelly.tags.core.CoreTagLibrary$2.run(CoreTagLibrary.java:105)
            at org.kohsuke.stapler.jelly.JellyViewScript.run(JellyViewScript.java:95)
            at org.kohsuke.stapler.jelly.DefaultScriptInvoker.invokeScript(DefaultScriptInvoker.java:63)
            at org.kohsuke.stapler.jelly.DefaultScriptInvoker.invokeScript(DefaultScriptInvoker.java:53)
            at org.kohsuke.stapler.jelly.JellyClassTearOff.serveIndexJelly(JellyClassTearOff.java:112)
            at org.kohsuke.stapler.jelly.JellyFacet.handleIndexRequest(JellyFacet.java:127)
            at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:735)
            at org.kohsuke.stapler.Stapler.invoke(Stapler.java:876)
            at org.kohsuke.stapler.MetaClass$3.doDispatch(MetaClass.java:183)
            at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:53)
            at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:746)
            at org.kohsuke.stapler.Stapler.invoke(Stapler.java:876)
            at org.kohsuke.stapler.Stapler.invoke(Stapler.java:649)
            at org.kohsuke.stapler.Stapler.service(Stapler.java:238)
            at javax.servlet.http.HttpServlet.service(HttpServlet.java:848)
            at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:686)
            at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1494)
            at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:132)
            at hudson.security.UnwrapSecurityExceptionFilter.doFilter(UnwrapSecurityExceptionFilter.java:51)
            at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:129)
            at org.jenkinsci.plugins.suppress_stack_trace.SuppressionFilter.doFilter(SuppressionFilter.java:34)
            at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:129)
            at jenkins.metrics.impl.MetricsFilter.doFilter(MetricsFilter.java:125)
            at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:129)
            at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:123)
            at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482)
            at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:92)
            at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482)
            at org.jenkinsci.plugins.reverse_proxy_auth.ReverseProxySecurityRealm$1.doFilter(ReverseProxySecurityRealm.java:514)
            at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:171)
            at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482)
            at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:49)
            at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482)
            at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:81)
            at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482)
            at org.kohsuke.stapler.DiagnosticThreadNameFilter.doFilter(DiagnosticThreadNameFilter.java:30)
            at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1474)
            at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:499)
            at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137)
            at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:533)
            at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231)
            at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086)
            at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:428)
            at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193)
            at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020)
            at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135)
            at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116)
            at org.eclipse.jetty.server.Server.handle(Server.java:370)
            at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:489)
            at org.eclipse.jetty.server.AbstractHttpConnection.headerComplete(AbstractHttpConnection.java:949)
            at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.headerComplete(AbstractHttpConnection.java:1011)
            at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:644)
            at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:235)
            at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82)
            at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:668)
            at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52)
            at winstone.BoundedExecutorService$1.run(BoundedExecutorService.java:77)
            at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
            at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
            at java.lang.Thread.run(Thread.java:745)
            }}

            jec Josh Cook added a comment - - edited danielbeck I am still able to reproduce this in a few ways with Jenkins ver. 1.642.4 Stack Trace Suppression Plugin ver. 1.4. Using an account that only has the Overall / Read permission, if I visit the page < https://$MY_JENKINS/pluginManager/ > I get the following stack trace: {{ hudson.security.AccessDeniedException2: $USERNAME is missing the Overall/Administer permission at hudson.security.ACL.checkPermission(ACL.java:63) at hudson.model.Node.checkPermission(Node.java:463) at hudson.Functions.checkPermission(Functions.java:745) at hudson.Functions.checkPermission(Functions.java:765) at sun.reflect.GeneratedMethodAccessor282.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:497) at org.apache.commons.jexl.util.introspection.UberspectImpl$VelMethodImpl.invoke(UberspectImpl.java:258) at org.apache.commons.jexl.parser.ASTMethod.execute(ASTMethod.java:104) at org.apache.commons.jexl.parser.ASTReference.execute(ASTReference.java:83) at org.apache.commons.jexl.parser.ASTReference.value(ASTReference.java:57) at org.apache.commons.jexl.parser.ASTReferenceExpression.value(ASTReferenceExpression.java:51) at org.apache.commons.jexl.ExpressionImpl.evaluate(ExpressionImpl.java:80) at hudson.ExpressionFactory2$JexlExpression.evaluate(ExpressionFactory2.java:74) at org.apache.commons.jelly.parser.EscapingExpression.evaluate(EscapingExpression.java:24) at org.apache.commons.jelly.impl.ExpressionScript.run(ExpressionScript.java:66) at org.apache.commons.jelly.impl.ScriptBlock.run(ScriptBlock.java:95) at org.apache.commons.jelly.impl.ScriptBlock.run(ScriptBlock.java:95) at org.kohsuke.stapler.jelly.ReallyStaticTagLibrary$1.run(ReallyStaticTagLibrary.java:99) at org.apache.commons.jelly.impl.ScriptBlock.run(ScriptBlock.java:95) at org.kohsuke.stapler.jelly.ReallyStaticTagLibrary$1.run(ReallyStaticTagLibrary.java:99) at org.apache.commons.jelly.impl.ScriptBlock.run(ScriptBlock.java:95) at org.apache.commons.jelly.tags.core.CoreTagLibrary$2.run(CoreTagLibrary.java:105) at org.kohsuke.stapler.jelly.CallTagLibScript.run(CallTagLibScript.java:120) at org.apache.commons.jelly.tags.core.CoreTagLibrary$2.run(CoreTagLibrary.java:105) at org.kohsuke.stapler.jelly.CallTagLibScript.run(CallTagLibScript.java:120) at org.apache.commons.jelly.tags.core.CoreTagLibrary$2.run(CoreTagLibrary.java:105) at org.kohsuke.stapler.jelly.JellyViewScript.run(JellyViewScript.java:95) at org.kohsuke.stapler.jelly.DefaultScriptInvoker.invokeScript(DefaultScriptInvoker.java:63) at org.kohsuke.stapler.jelly.DefaultScriptInvoker.invokeScript(DefaultScriptInvoker.java:53) at org.kohsuke.stapler.jelly.JellyClassTearOff.serveIndexJelly(JellyClassTearOff.java:112) at org.kohsuke.stapler.jelly.JellyFacet.handleIndexRequest(JellyFacet.java:127) at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:735) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:876) at org.kohsuke.stapler.MetaClass$3.doDispatch(MetaClass.java:183) at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:53) at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:746) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:876) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:649) at org.kohsuke.stapler.Stapler.service(Stapler.java:238) at javax.servlet.http.HttpServlet.service(HttpServlet.java:848) at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:686) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1494) at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:132) at hudson.security.UnwrapSecurityExceptionFilter.doFilter(UnwrapSecurityExceptionFilter.java:51) at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:129) at org.jenkinsci.plugins.suppress_stack_trace.SuppressionFilter.doFilter(SuppressionFilter.java:34) at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:129) at jenkins.metrics.impl.MetricsFilter.doFilter(MetricsFilter.java:125) at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:129) at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:123) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:92) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at org.jenkinsci.plugins.reverse_proxy_auth.ReverseProxySecurityRealm$1.doFilter(ReverseProxySecurityRealm.java:514) at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:171) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:49) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:81) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1482) at org.kohsuke.stapler.DiagnosticThreadNameFilter.doFilter(DiagnosticThreadNameFilter.java:30) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1474) at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:499) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:137) at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:533) at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:231) at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1086) at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:428) at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:193) at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1020) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:135) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:116) at org.eclipse.jetty.server.Server.handle(Server.java:370) at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(AbstractHttpConnection.java:489) at org.eclipse.jetty.server.AbstractHttpConnection.headerComplete(AbstractHttpConnection.java:949) at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.headerComplete(AbstractHttpConnection.java:1011) at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:644) at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:235) at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnection.java:82) at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:668) at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:52) at winstone.BoundedExecutorService$1.run(BoundedExecutorService.java:77) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745) }}
            danielbeck Daniel Beck added a comment -

            This behavior seems to be specific to the ReverseProxySecurityRealm. I can reproduce the stack trace with that plugin installed and configured. Not exactly a much installed plugin: https://wiki.jenkins-ci.org/display/JENKINS/Reverse+Proxy+Auth+Plugin

            danielbeck Daniel Beck added a comment - This behavior seems to be specific to the ReverseProxySecurityRealm. I can reproduce the stack trace with that plugin installed and configured. Not exactly a much installed plugin: https://wiki.jenkins-ci.org/display/JENKINS/Reverse+Proxy+Auth+Plugin
            jec Josh Cook added a comment -

            Hi Daniel, yes we do have the reverse proxy auth plugin installed in order to implement corporate single-signon.

            jec Josh Cook added a comment - Hi Daniel, yes we do have the reverse proxy auth plugin installed in order to implement corporate single-signon.

            This plugin overwrites the method createFilter from SecurityRealm and I think it breaks the filter chain and it does not passes by ExceptionTranslationFilter and UnwrapSecurityExceptionFilter

            https://github.com/jenkinsci/reverse-proxy-auth-plugin/blob/master/src/main/java/org/jenkinsci/plugins/reverse_proxy_auth/ReverseProxySecurityRealm.java#L450-L556

            ifernandezcalvo Ivan Fernandez Calvo added a comment - This plugin overwrites the method createFilter from SecurityRealm and I think it breaks the filter chain and it does not passes by ExceptionTranslationFilter and UnwrapSecurityExceptionFilter https://github.com/jenkinsci/reverse-proxy-auth-plugin/blob/master/src/main/java/org/jenkinsci/plugins/reverse_proxy_auth/ReverseProxySecurityRealm.java#L450-L556
            abayer Andrew Bayer added a comment - ifernandezcalvo So would we want something more like https://github.com/jenkinsci/cas-plugin/blob/master/src/main/java/org/jenkinsci/plugins/cas/CasSecurityRealm.java#L172-L176 , adding the new filter to the existing chain?
            ifernandezcalvo Ivan Fernandez Calvo added a comment - - edited

            abayer Yes, it probably works if it is added the filters missing

            ifernandezcalvo Ivan Fernandez Calvo added a comment - - edited abayer Yes, it probably works if it is added the filters missing

            abayer It works, I'm going to make a couple of test more and do the pull request

            ifernandezcalvo Ivan Fernandez Calvo added a comment - abayer It works, I'm going to make a couple of test more and do the pull request
            abayer Andrew Bayer added a comment -

            Great! Assigning to you. =)

            abayer Andrew Bayer added a comment - Great! Assigning to you. =)
            ifernandezcalvo Ivan Fernandez Calvo added a comment - - edited

            tested now all access denied exceptions are controlled.
            I made the PR with the fix.

            ifernandezcalvo Ivan Fernandez Calvo added a comment - - edited tested now all access denied exceptions are controlled. I made the PR with the fix.

            Code changed in jenkins
            User: Ivan Fernandez Calvo
            Path:
            src/main/java/org/jenkinsci/plugins/reverse_proxy_auth/ReverseProxySecurityRealm.java
            http://jenkins-ci.org/commit/reverse-proxy-auth-plugin/dc7808b503d4ae2d2e7c74fa35df0821c1b794f0
            Log:
            JENKINS-31612 creates the default filter and adds the new filter to the chain, so maintains the correct filter chain and unwarps access denied exceptions

            scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Ivan Fernandez Calvo Path: src/main/java/org/jenkinsci/plugins/reverse_proxy_auth/ReverseProxySecurityRealm.java http://jenkins-ci.org/commit/reverse-proxy-auth-plugin/dc7808b503d4ae2d2e7c74fa35df0821c1b794f0 Log: JENKINS-31612 creates the default filter and adds the new filter to the chain, so maintains the correct filter chain and unwarps access denied exceptions

            Code changed in jenkins
            User: Wilder Rodrigues
            Path:
            src/main/java/org/jenkinsci/plugins/reverse_proxy_auth/ReverseProxySecurityRealm.java
            http://jenkins-ci.org/commit/reverse-proxy-auth-plugin/cfa947cdc738e3ef992e99089bd207b12aaa4480
            Log:
            Merge pull request #28 from kuisathaverat/JENKINS-31612

            JENKINS-31612 Fix filter chain

            Compare: https://github.com/jenkinsci/reverse-proxy-auth-plugin/compare/f31a7875d611...cfa947cdc738

            scm_issue_link SCM/JIRA link daemon added a comment - Code changed in jenkins User: Wilder Rodrigues Path: src/main/java/org/jenkinsci/plugins/reverse_proxy_auth/ReverseProxySecurityRealm.java http://jenkins-ci.org/commit/reverse-proxy-auth-plugin/cfa947cdc738e3ef992e99089bd207b12aaa4480 Log: Merge pull request #28 from kuisathaverat/ JENKINS-31612 JENKINS-31612 Fix filter chain Compare: https://github.com/jenkinsci/reverse-proxy-auth-plugin/compare/f31a7875d611...cfa947cdc738
            jec Josh Cook added a comment -

            I see that changes to address have been merged into the suppress-stack-trace plugin master branch, but there hasn't been a subsequent release.

            Is there any ETA for when a new version of this plugin will be available including these changes?

            jec Josh Cook added a comment - I see that changes to address have been merged into the suppress-stack-trace plugin master branch, but there hasn't been a subsequent release. Is there any ETA for when a new version of this plugin will be available including these changes?
            oleg_nenashev Oleg Nenashev added a comment -

            It has been actually released in 1.6.0

            oleg_nenashev Oleg Nenashev added a comment - It has been actually released in 1.6.0

            People

              ifernandezcalvo Ivan Fernandez Calvo
              jec Josh Cook
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: